33. • Rewritten from scratch
• Built-in integrations
• Command-line interface
• Application-based cluster stack
• Setup could be complex
• REST API
Icinga 2
icinga.com
34. • Similar scope to Nagios and Icinga
• Standalone and Subscription Checks
• Several external dependencies
• Lack of historical data
• Cool stuff is enterprise only
Sensu
sensuapp.org
35. • Full featured open source solution
• Agent-based approach
• Integrated Logging and Graphing
• Hard to orchestrate and automate
• Scale out limitations
Zabbix
zabbix.com
36. • Streaming processor
• Real time monitoring
• Based on Clojure
• Riemann tools provide the data
• Stateless
• There is not so much going on
Riemann
riemann.io
37. • Full featured open source solution
• Based on Java
• Great for homogeneous environments
• Native SNMP support
• Built-in Auto-Discovery
OpenNMS
opennms.org
40. • Storage engine similar to RRDtool
• Started the metrics revolution
• Advantage
• Flexible architecture
• Disadvantage
• Flexible architecture
Graphite
graphiteapp.org
41. • Based on Hadoop and HBase
• Overall complexity is huge
• You can keep the raw data forever
• Easy to scale (if you can make it)
OpenTSDB
opentsdb.org
42. • Highly dimensional data model
• Powerful query language
• Designed for web services
• OS Metrics require node exporter
• Rule based alerting
Prometheus
prometheus.io
43. • Similar scope to Graphite
• Easier to install
• SQL-like query language
• Scale out requires enterprise
• Full featured solution – TICK Stack
InfluxDB (InfluxData)
influxdata.com
44. • Very powerful analytics
• Timelion as Kibana extension
• Beats provide metrics
• Statsd could be used
• Different model approach
Elastic (Stack)
elastic.co
50. Flow of unstructured data with timestamp and message
May 4 16:57:24 web sshd[25828]: Received disconnect from 10.10.0.31: 11: disconnected by user
Logs
51. Flow of structured data with identifiable attributes
Event {
Time: May 4 16:57:24
Process: sshd
State: Received disconnect from 10.10.0.31
Client: 10.10.0.31
}
Events
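The step from the raw log line on the "Logs" slide to the structured event on the "Events" slide, as an added example that is not part of the original slides: a small Python parser for that sshd line. The extra fields `Host`, `Pid` and `Message`, the `PATTERNS` table and the second sample line are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample input: the sshd line from the "Logs" slide plus a line with no known pattern.
SAMPLE = [
    "May 4 16:57:24 web sshd[25828]: Received disconnect from 10.10.0.31: 11: disconnected by user",
    "May 4 16:57:30 web cron[311]: (root) CMD (run-parts /etc/cron.hourly)",
]

# BSD-syslog style header: timestamp, host, process[pid]: message
HEADER = re.compile(
    r"^(?P<time>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<process>[^\s\[:]+)(?:\[(?P<pid>\d+)\])?: (?P<message>.*)$"
)
# Per-process message patterns; only the sshd disconnect from the slide is modelled here.
PATTERNS = {
    "sshd": [re.compile(r"^(?P<state>Received disconnect from (?P<client>\S+)): (?P<detail>.*)$")],
}

def parse_line(line):
    """Turn one log line into an event dict; return None if the header does not parse."""
    m = HEADER.match(line.strip())
    if m is None:
        return None
    event = {"Time": m["time"], "Host": m["host"], "Process": m["process"],
             "Pid": int(m["pid"]) if m["pid"] else None,
             "State": None, "Client": None, "Message": m["message"]}
    for pattern in PATTERNS.get(m["process"], []):
        hit = pattern.match(m["message"])
        if hit is None:
            continue
        try:
            # Log content is attacker-influenced: accept the client only if it is a real IP.
            event["Client"] = str(ipaddress.ip_address(hit["client"]))
        except ValueError:
            continue
        event["State"] = hit["state"]
        break
    return event

if __name__ == "__main__":
    for raw in SAMPLE:
        print(parse_line(raw))
```

Lines whose message matches no pattern keep their raw `Message` with `State` left empty, so nothing is silently dropped on the way from logs to events.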
53. • Kind of the standard in logging
• Powered by Apache Lucene
• Highly integrated solution
• Extensible using X-Pack
• Logstash API is very powerful
• By far the largest community
Elastic Stack
elastic.co
54. Graylog
• Based on Elasticsearch
• Powerful graphical configuration
• Additional MongoDB to maintain
• Built-in authentication and authorization
• Could be used with Logstash
graylog.org
55. • Unified log layer
• Based on other storage engines
• An alternative to Logstash
• Built-in Reliability
• Alternative for custom architecture
Fluentd
fluentd.org
58. • Both standards in their field
…. a long time ago
Webinject and AutoIT
webinject.org and autoitscript.com
59. • Combination of Sahi and SikuliX
• Mainly for Nagios compatible systems
• Prebuilt Docker containers available
• Cool features in Sahi are enterprise only
Sakuli
github.com/ConSol/sakuli
60. • End-to-End Monitoring
• Based on a Python module
• Text and object recognition
• IDE to create test cases
• Audit trail and notification system
Alyvix
alyvix.com
63. I am sorry, but there is no best
tool for everyone
64. • Monolithic
• If all-in-one gets the job
done, then perfect
• Good for smaller scale and
non-tech-focused companies
• Modular
• Agile and DevOps require
flexibility and innovation
• Good for tech driven and
ops-focused companies
Monolithic vs. Modular
Michael Merideth - @victorops
65. I prefer the modular approach
based on a tool chain
66. Set up a real-life use case
Play (with integrations)
Choose your favorite
Flip a coin